﻿<?php
if(!defined('IN_DISCUZ')) {
	exit('Access Denied');
}
define('SVOTEDIR', 'plugin.php?id=sxooo_dzx');
include ('sxooo.upload.php');
include ('sxooo.lang.php');
if($sview_group == "1" && !$_G['uid']){
	showmessage('not_loggedin', NULL, array(), array('login' => 1));
	exit();
}
$pmessage=dhtmlspecialchars($_POST["message"]);
$type=dhtmlspecialchars($_GET["type"]);
$action=dhtmlspecialchars($_GET["action"]);
$actions=dhtmlspecialchars($_GET["actions"]);
$tpseccode=intval($_POST['tpauthcode']);
$plseccode=intval($_POST['authcode']);
$page=intval($_GET['page']);
$pages=intval($_GET['pages']);
$pagexs=intval($_POST['pagexs']);
$pagepl=intval($_POST['pagepl']);
$pagesh=intval($_POST['pagesh']);
$gplid=intval($_GET['plid']);
$gxsid=intval($_GET['xsid']);
$ghdid=intval($_GET['hdid']);
$phdipcs=intval($_POST['hdipcs']);
$phdtpcs=intval($_POST['hdtpcs']);
$pshzt=intval($_POST['shzt']);
$pp=intval($_POST['xgp']);
$pr=intval($_POST['xgr']);
$phdggos=intval($_POST['hdggos']);
$phdggtype=intval($_POST['hdggtype']);
$pxsjjos=intval($_POST['xsjjos']);
$pgbookos=intval($_POST['gbookos']);
$phdjlxx=intval($_POST['hdjlxx']);
$phdjlsx=intval($_POST['hdjlsx']);
$phdindex=intval($_POST['hdindex']);
$vote_jgtime=intval($_POST['vote_jgtime']);
$pxsuid=intval($_POST['xsuid']);
$phdvoteos=intval($_POST['hdvoteos']);
$phdbmos=intval($_POST['hdbmos']);
$phdxsxg=intval($_POST['hdxsxg']);
$phdsjjlos=intval($_POST['hdsjjlos']);
$pjifenjjos=intval($_POST['jifenjjos']);
$view_group=intval($_POST['view_group']);
$vote_group=intval($_POST['vote_group']);
$gbook_os=intval($_POST['gbook_os']);
$gbook_yzos=intval($_POST['gbook_yzos']);
$gbook_group=intval($_POST['gbook_group']);
$gbook_jg=intval($_POST['gbook_jg']);
$gbook_jgtime=intval($_POST['gbook_jgtime']);
$vote_yzos=intval($_POST['vote_yzos']);
$vote_jg=intval($_POST['vote_jg']);
$ms_os=intval($_POST['ms_os']);
$ms_uid=intval($_POST['ms_uid']);
$pjjhtml=intval($_POST['jjhtml']);
$phdid=intval($_POST['hdid']);
$pjbzlos=intval($_POST['jbzlos']);
$pzzs=intval($_POST['zzs']);
$gzzsid=intval($_GET['zzsid']);
$pzzsindex=intval($_POST['zzsindex']);
$pzzsname=dhtmlspecialchars($_POST['zzsname']);
$pzzsimg=dhtmlspecialchars($_POST['zzsimg']);
$pzzsurl=dhtmlspecialchars($_POST['zzsurl']);
$pxsname=dhtmlspecialchars($_POST['xsname']);
$pxsnicheng=dhtmlspecialchars($_POST['xsnicheng']);
$psay=dhtmlspecialchars($_POST['say']);
$pinfo=dhtmlspecialchars($_POST['info']);
$phdname=dhtmlspecialchars($_POST['hdname']);
$phdjlzd=dhtmlspecialchars($_POST['hdjlzd']);
$psvotepic=dhtmlspecialchars($_POST['svotepic']);

$foa=dhtmlspecialchars($_POST['foa']);
$fob=dhtmlspecialchars($_POST['fob']);
$foc=dhtmlspecialchars($_POST['foc']);
$fod=dhtmlspecialchars($_POST['fod']);
$foe=dhtmlspecialchars($_POST['foe']);
$fof=dhtmlspecialchars($_POST['fof']);
$fog=dhtmlspecialchars($_POST['fog']);
$foh=dhtmlspecialchars($_POST['foh']);
$foi=dhtmlspecialchars($_POST['foi']);
$foj=dhtmlspecialchars($_POST['foj']);
$fok=dhtmlspecialchars($_POST['fok']);
$fol=dhtmlspecialchars($_POST['fol']);
$pea=intval($_POST['pea']);
$peb=intval($_POST['peb']);
$pec=intval($_POST['pec']);
$ped=intval($_POST['ped']);
$pee=intval($_POST['pee']);
$pef=intval($_POST['pef']);
$peg=intval($_POST['peg']);
$peh=intval($_POST['peh']);
$pei=intval($_POST['pei']);
$pej=intval($_POST['pej']);
$pek=intval($_POST['pek']);
$pel=intval($_POST['pel']);
$ina=dhtmlspecialchars($_POST['ina']);
$inb=dhtmlspecialchars($_POST['inb']);
$inc=dhtmlspecialchars($_POST['inc']);
$ind=dhtmlspecialchars($_POST['ind']);
$ine=dhtmlspecialchars($_POST['ine']);
$inf=dhtmlspecialchars($_POST['inf']);
$ing=dhtmlspecialchars($_POST['ing']);
$inh=dhtmlspecialchars($_POST['inh']);
$ini=dhtmlspecialchars($_POST['ini']);
$inj=dhtmlspecialchars($_POST['inj']);
$ink=dhtmlspecialchars($_POST['ink']);
$inl=dhtmlspecialchars($_POST['inl']);
$tya=intval($_POST['tya']);
$tyb=intval($_POST['tyb']);
$tyc=intval($_POST['tyc']);
$tyd=intval($_POST['tyd']);
$tye=intval($_POST['tye']);
$tyf=intval($_POST['tyf']);
$tyg=intval($_POST['tyg']);
$tyh=intval($_POST['tyh']);
$tyi=intval($_POST['tyi']);
$tyj=intval($_POST['tyj']);
$tyk=intval($_POST['tyk']);
$tyl=intval($_POST['tyl']);

if($rows = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_admin').""))){
	$sview_group= $rows[1];
	$svote_group = $rows[2];
	$sweburl = $rows[3];
	$swebname = $rows[4];
	$sby = $rows[5];
	$sgbook_os = $rows[6];
	$sgbook_yzos = $rows[7];
	$sgbook_group = $rows[8];
	$sgbook_jg = $rows[9];
	$sgbook_jgtime = $rows[10];
	$svote_yzos = $rows[11];
	$svote_jg = $rows[12];
	$svote_jgtime = $rows[13];
	$sms_os = $rows[14];
	$sms_uid = $rows[15];
	$spagexs = $rows[16];
	$spagepl = $rows[17];
	$spagesh = $rows[18];
	$shdggos = $rows[19];
	$shdggtype = $rows[20];
	$sxsjjos = $rows[21];
	$sgbookos = $rows[22];
	$axguid = $rows[23];
	$sjbzlos = $rows[24];
	$svotepic = $rows[25];
	$szzs = $rows[26];
	$byb = $rows[27];
}
else{
//	showmessage($tsxx[noqjszsj],"javascript:history.back(-1)");
//	exit();
}
if($sms_os != 1){
	$sms_uid = $axguid;
}

//如果活动介绍支持HTML关闭，则过滤实体化HTML，否则直接使用提交的数据
if($byb == 0){
	$phdjianjie = dhtmlspecialchars($_POST['hdjianjie']);
}
else{
	$phdjianjie = $_POST['hdjianjie'];
}
$activeties = array();
$query = DB::query("select * from ".DB::table('plusin_sxooo_vote_hd')." order by hdindex asc");
while($hdtem = mysql_fetch_array($query)){
	$t[] = $hdtem;
}
$zzss =array();
$query = DB::query("select * from ".DB::table('plusin_sxooo_vote_zzs')." order by zzsindex asc");
while($zzstem = mysql_fetch_array($query)){
	$zzss[] = $zzstem;
}
unset($ip);


if($_SERVER['HTTP_CLIENT_IP']){
	$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif($_SERVER['HTTP_X_FORWARDED_FOR']){
	$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}else{
	$ip=$_SERVER['REMOTE_ADDR'];
}
if ($action=="qjsz"){
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if ($actions=="yes" && isset($_POST['vote_group']) && isset($_POST['gbook_os']) && isset($_POST['gbook_yzos']) && isset($_POST['gbook_group']) && isset($_POST['gbook_jg']) && isset($_POST['gbook_jgtime']) && isset($_POST['vote_yzos']) && isset($_POST['vote_jg']) && isset($_POST['vote_jgtime']) && isset($_POST['pagexs']) && isset($_POST['pagepl']) && isset($_POST['pagesh']) && isset($_POST['jbzlos']) && isset($_POST['hdggos']) && isset($_POST['hdggtype']) && isset($_POST['xsjjos']) && isset($_POST['gbookos']) && isset($_POST['zzs']) ){
		if($_G['uid'] == $axguid){
			if($ms_os != 0){
				$mms_uid = $ms_uid;
			}
			else{
				$mms_uid = $axguid;
			}
		}
		else{
			$mms_uid = $sms_uid;
		}
		$sql = "UPDATE ".DB::table('plusin_sxooo_vote_admin')." SET `view_group` = '".$view_group."',
			`vote_group` = '".$vote_group."',
			`gbook_os` = '".$gbook_os."',
			`gbook_yzos` = '".$gbook_yzos."',
			`gbook_group` = '".$gbook_group."',
			`gbook_jg` = '".$gbook_jg."',
			`gbook_jgtime` = '".$gbook_jgtime."',
			`vote_yzos` = '".$vote_yzos."',
			`vote_jg` = '".$vote_jg."',
			`vote_jgtime` = '".$vote_jgtime."',
			`ms_os` = '".$ms_os."',
			`ms_uid` = '".$mms_uid."',
			`pagexs` = '".$pagexs."',
			`pagepl` = '".$pagepl."',
			`pagesh` = '".$pagesh."',
			`hdggos` = '".$phdggos."',
			`hdggtype` = '".$phdggtype."',
			`xsjjos` = '".$pxsjjos."',
			`jbzlos` = '".$pjbzlos."',
			`svotepic` = '".$psvotepic."',
			`zzs` = '".$pzzs."',
			`gbookos` = '".$pgbookos."',
			`byb` = '".$pjjhtml."'";
		if(DB::query($sql)){
			showmessage($tsxx[xgqjok],SVOTEDIR);
			exit();
		}
		else{
			showmessage($tsxx[xgqjer],SVOTEDIR);
			exit();
		}
	}
}
if ($action=="xsinfomenu"){
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	$xsmenu = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_menu').""));
	if($actions=="yes"){
		$sql="update ".DB::table('plusin_sxooo_vote_menu')." SET `ina` = '".$ina."',
			`inb` = '".$inb."',
			`inc` = '".$inc."',
			`ind` = '".$ind."',
			`ine` = '".$ine."',
			`inf` = '".$inf."',
			`ing` = '".$ing."',
			`inh` = '".$inh."',
			`ini` = '".$ini."',
			`inj` = '".$inj."',
			`ink` = '".$ink."',
			`inl` = '".$inl."',
			`tya` = '".$tya."',
			`tyb` = '".$tyb."',
			`tyc` = '".$tyc."',
			`tyd` = '".$tyd."',
			`tye` = '".$tye."',
			`tyf` = '".$tyf."',
			`tyg` = '".$tyg."',
			`tyh` = '".$tyh."',
			`tyi` = '".$tyi."',
			`tyj` = '".$tyj."',
			`tyk` = '".$tyk."',
			`tyl` = '".$tyl."' ";
		if(DB::query($sql)){
			showmessage($tsxx[xsinfomenuok],SVOTEDIR);
			exit();
		}
		else{
			showmessage($tsxx[xsinfomenuer],SVOTEDIR);
			exit();
		}
	}
}
if($ghdid==0 or $ghdid==""){
	$sql = "select * from ".DB::table('plusin_sxooo_vote_hd')." order by hdindex desc ";
}
else{
	$sql = "select * from ".DB::table('plusin_sxooo_vote_hd')." where hdid=".$ghdid." order by hdindex desc ";
}
if($row = mysql_fetch_row(DB::query($sql))){
	$hdid = $row[0];
	$hdname = $row[1];
	$hdvoteos = $row[2];
	$hdbmos = $row[3];
	$hdtpcs = $row[4];
	$hdipcs = $row[5];
	$hdjianjie = $row[6];
	$hdsjjlos = $row[7];
	$hdjlzd = $row[8];
	$hdjlxx = $row[9];
	$hdjlsx = $row[10];
	$hdxsxg = $row[11];
	$hdindex = $row[12];
	if( isset($_GET['page']) ){
		$page = intval( $_GET['page'] );
	}
	else{
		$page = 1;
	}
	$PageSize = $spagexs;
	$sql = "select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='1' and hdid=".$hdid."";
	$result = mysql_query($sql);
	$potal = mysql_num_rows($result);
	if ($potal<1){
		$xuanshou = "no";
	}
	$amount = $potal;
	if( $amount ){
		$page_count = ceil(($amount / $PageSize));
	}
	else{
		$page_count = 1;
	}

	$page_string = '';
	if( $page == 1 ){
		$page_string .= $tsxx[page1];
	}
	else{
		$page_string .= '<a href=./plugin.php?id=sxooo_dzx&hdid='.$hdid.'&page=1>'.$tsxx[page3].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&hdid='.$hdid.'&page='.($page-1).'>'.$tsxx[page5].'</a>'.$tsxx[page7];
	}

	if( ($page == $page_count) ){
		$page_string .= $tsxx[page2];
	}
	else{
		$page_string .= '<a href=./plugin.php?id=sxooo_dzx&hdid='.$hdid.'&page='.($page+1).'>'.$tsxx[page6].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&hdid='.$hdid.'&page='.$page_count.'>'.$tsxx[page4].'</a>';
	}
	$list =array();
	if ($type=="vote"){
		$sqlv="select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='1' and hdid=".$hdid." order by p desc limit ". ($page-1)*$PageSize .", $PageSize";
	}
	elseif ($type=="view"){
		$sqlv="select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='1' and hdid=".$hdid." order by r desc limit ". ($page-1)*$PageSize .", $PageSize";
	}
	else{
		$sqlv = "select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='1' and hdid=".$hdid." order by xsid desc limit ". ($page-1)*$PageSize .", $PageSize";
	}
	$result = DB::query($sqlv);

	while($xs = mysql_fetch_array($result)){
		$list[] = $xs;
	}
	$sql ="SELECT * FROM ".DB::table('plusin_sxooo_vote_xs')." where xsuid=".$_G['uid']." and hdid=".$hdid."";
	$query = DB::query($sql);
	$total = mysql_num_rows($query);
	if ($total<1){
		$bmzt = 0;
	}
	else{
		$bmzt = 1;
		$row = mysql_fetch_row($query);
		$xsid = $row[0];
		$xsname = $row[1];
		$xsuid = $row[2];
		$xsnicheng = $row[3];
		$pic = $row[4];
		$say = $row[5];
		$sinfo = $row[6];
		$bmtime = $row[7];
		$p = $row[8];
		$r = $row[9];
		$sh = $row[10];
		$shdid = $row[11];
		if($sh==0){
			$shzt=$tsxx[weishenhe];
		}
		else{
			$shzt=$tsxx[yishenhe];
		}
	}
}
else{
	$huodong = "no";
}
if($action == "tps" && isset($_GET['hdid']) && isset($_GET['xsid'])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$tps =array();
	$query = DB::query("select uname,tptime from ".DB::table('plusin_sxooo_vote_tp')." where tid=".$gxsid." and thdid=".$ghdid." order by id desc limit 20");
	while($tpn = mysql_fetch_array($query)){
		$tps[] = $tpn;
	}
}
if($action == "show" && isset($_GET['hdid']) && isset($_GET['xsid'])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$igl = array();
	$sql = "select src from ".DB::table('plusin_sxooo_vote_xsimg')." where xsid=".$gxsid." and hdid = ".$ghdid." order by id desc limit 4";
	$result = DB::query($sql);
	while($imk = mysql_fetch_array($result)){
		$igl[] = $imk;
	}
	mysql_free_result($result);
	$rowv = mysql_fetch_row(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_xs')." where xsid=".$gxsid." and hdid = ".$ghdid.""));
	$sxsid = $rowv[0];
	$sxsname = $rowv[1];
	$sxsuid = $rowv[2];
	$sxsnicheng = $rowv[3];
	$spic = $rowv[4];
	$ssay = $rowv[5];
	$sinfo = $rowv[6];
	$sbmtime = $rowv[7];
	$sp = $rowv[8];
	$sr = $rowv[9];
	$ssh = $rowv[10];
	$shdid = $rowv[11];
	$ssrc = $rowv[12];
	if($ssh==0){
		$sshzt=$tsxx[weishenhe];
	}
	else{
		$sshzt=$tsxx[yishenhe];;
	}
	$num = DB::result_first("SELECT COUNT(*) FROM ".DB::table('plusin_sxooo_vote_xs')." WHERE p>'$sp' ");
	$nump=$num+1;
	$num = DB::result_first("SELECT COUNT(*) FROM ".DB::table('plusin_sxooo_vote_xs')." WHERE r>'$sr' ");
	$numr=$num+1;
	$xsmenu = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_menu').""));
	$xsinfo = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_info')." where xsid = '".$gxsid."' and hdid=".$ghdid.""));
	DB::query("update ".DB::table('plusin_sxooo_vote_xs')." set r=r+'1' where xsid=".$gxsid." and hdid=".$ghdid."");


	if( isset($_GET['pages']) ){
		$pages = intval( $_GET['pages'] );
	}
	else{
		$pages = 1;
	}
	$PageSizes = $spagepl;
	$potals = mysql_num_rows(mysql_query("select * from ".DB::table('plusin_sxooo_vote_gbook')." where xsid = ".$gxsid." and glid=".$ghdid.""));
	if ($potals<1){
		$pinglunjl = "no";
	}
	$amounts = $potals;
	if( $amounts){
		$page_counts = ceil(($amounts / $PageSizes));
	}
	else{
		$page_counts = 1;
	}
	$page_strings = '';
	if( $pages == 1 ){
		$page_strings .= $tsxx[page1];
	}
	else{
		$page_strings .= '<a href=./plugin.php?id=sxooo_dzx&xsid='.$gxsid.'&hdid='.$ghdid.'&action=show&page=1>'.$tsxx[page3].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&xsid='.$gxsid.'&hdid='.$ghdid.'&action=show&page='.($pages-1).'>'.$tsxx[page5].'</a>'.$tsxx[page7];
	}
	if( ($pages == $page_counts) ){
		$page_strings .= $tsxx[page2];
	}
	else{
		$page_strings .= '<a href=./plugin.php?id=sxooo_dzx&xsid='.$gxsid.'&hdid='.$ghdid.'&action=show&page='.($pages+1).'>'.$tsxx[page6].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&xsid='.$gxsid.'&hdid='.$ghdid.'&action=show&page='.$page_counts.'>'.$tsxx[page4].'</a>';
	}
	$g =array();
	$sql = "select * from ".DB::table('plusin_sxooo_vote_gbook')." where xsid = ".$gxsid." and glid=".$ghdid." order by gtime desc limit ". ($pages-1)*$PageSizes .", $PageSizes";
	$result = mysql_query($sql);
	while($temm = DB::fetch($result)){
		$g[] = $temm;
	}
}
if($action=="sh" && isset($_GET['hdid'])){
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if( isset($_GET['page']) ){
		$page = intval( $_GET['page'] );
	}
	else{
		$page = 1;
	}
	$PageSizesh = $spagesh;
	$potalsh = mysql_num_rows(mysql_query("select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='0' and hdid=".$ghdid.""));
	if ($potalsh<1){
		$shjl = "no";
	}
	$amountsh = $potalsh;
	if( $amountsh){
		$page_countsh = ceil(($amountsh / $PageSizesh));
	}
	else{
		$page_countsh = 1;
	}
	$page_stringsh = '';
	if( $page == 1 ){
		$page_stringsh .= $tsxx[page1];
	}
	else{
		$page_stringsh .= '<a href=./plugin.php?id=sxooo_dzx&hdid='.$ghdid.'&action=sh&page=1>'.$tsxx[page3].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&hdid='.$ghdid.'&action=sh&page='.($page-1).'>'.$tsxx[page5].'</a>'.$tsxx[page7];
	}
	if( ($page == $page_countsh) ){
		$page_stringsh .= $tsxx[page2];
	}
	else{
		$page_stringsh .= '<a href=./plugin.php?id=sxooo_dzx&hdid='.$ghdid.'&action=sh&page='.($page+1).'>'.$tsxx[page6].'</a>'.$tsxx[page7].'<a href=./plugin.php?id=sxooo_dzx&hdid='.$ghdid.'&action=sh&page='.$page_countsh.'>'.$tsxx[page4].'</a>';
	}
	$list =array();
	$query = DB::query("select * from ".DB::table('plusin_sxooo_vote_xs')." where sh='0' and hdid=".$ghdid." order by xsid desc limit ". ($page-1)*$PageSizesh .", $PageSizesh");
	while($tem = DB::fetch($query)){
		$list[] = $tem;
	}
}
if($sby != $tsxx[spbm]){
	showmessage($tsxx[noqjszsj],"javascript:history.back(-1)");
	exit();
}
if($swebname != $tsxx[sxooo]){
	showmessage($tsxx[noqjszsj],"javascript:history.back(-1)");
	exit();
}
if($sweburl != $tsxx[sxooourl]){
	showmessage($tsxx[noqjszsj],"javascript:history.back(-1)");
	exit();
}
if($action=="sh" && $actions=="yes" && isset($_GET['xsid']) && isset($_GET['hdid'])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if(DB::query("update ".DB::table('plusin_sxooo_vote_xs')." set sh='1' where xsid=".$gxsid." and hdid=".$ghdid."")){
		showmessage($tsxx[shenheok], SVOTEDIR);
		exit();
	}
	else{
		showmessage($tsxx[shenheqx], SVOTEDIR);
		exit();
	}
}
if($action=="bm" && isset($_GET['hdid'])){
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckcfbm = mysql_num_rows(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_xs')." where xsuid=".$_G['uid']." and hdid=".$hdid.""));
	if ($ckcfbm>=1){
		showmessage($tsxx[cfbm], "javascript:history.back(-1)");
		exit();
	}
	$xsmenu = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_menu').""));
	if(isset($_POST['xsname']) && isset($_POST['xsnicheng']) && isset($_POST['info']) && isset($_POST['say']) && isset($_POST['hdid'])){
		DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_xs')." (`xsname`, `xsuid`, `xsnicheng`,`pic`,`say`, `info`, `p`, `r`, `hdid`) VALUES ( '".$_G['member']['username']."', '".$_G['uid']."', '".$pxsnicheng."', '0', '".$psay."' , '".$pinfo."',0, 0 , '".$phdid."')");
		$xsbmid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." where xsuid=".$_G['uid']." and hdid=".$phdid.""));
		$xsbmida=$xsbmid[0];
		if(DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_info')." (`xsid`,`hdid`, `foa`, `fob`, `foc`, `fod`, `foe`, `fof`, `fog`, `foh`, `foi`, `foj`, `fok`, `fol`, `pea`, `peb`, `pec`, `ped`, `pee`, `pef`, `peg`, `peh`, `pei`, `pej`, `pek`, `pel`) VALUES ( '".$xsbmida."', '".$phdid."', '".$foa."', '".$fob."', '".$foc."', '".$fod."', '".$foe."', '".$fof."', '".$fog."', '".$foh."', '".$foi."', '".$foj."', '".$fok."', '".$fol."', '".$pea."', '".$peb."', '".$pec."', '".$ped."', '".$pee."', '".$pef."', '".$peg."', '".$peh."', '".$pei."', '".$pej."', '".$pek."', '".$pel."')")){
			showmessage($tsxx[bmok],"plugin.php?id=sxooo_dzx&xsid=$xsbmida&hdid=$ghdid&action=imgup");
			exit();
		}
		else{
			showmessage($tsxx[bmer], SVOTEDIR);
			exit();
		}
	}
}
if($action=="imgup" && isset($_GET['xsid']) && isset($_GET['hdid'])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$xsyz = mysql_fetch_row(DB::query("SELECT xsuid FROM ".DB::table('plusin_sxooo_vote_xs')." where xsid='".$gxsid."' and hdid=".$ghdid.""));
	if($xsyz){
		if($xsyz[0]!=$_G['uid']){
			showmessage($tsxx[cserr], "javascript:history.back(-1)");
			exit();
		}
	}
	else{
		showmessage($tsxx[cserr], "javascript:history.back(-1)");
		exit();
	}
	$zcfbmma = mysql_num_rows(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_xs')." where xsuid='".$_G['uid']."' and hdid=".$ghdid.""));
	if (!$zcfbmma){
		showmessage($tsxx[wbmwfsc],"plugin.php?id=sxooo_dzx");
		exit();
	}
	$rowsh = mysql_fetch_row(DB::query("SELECT sh FROM ".DB::table('plusin_sxooo_vote_xs')." where xsuid='".$_G['uid']."' and hdid=".$ghdid.""));


	if($actions=="add"){
		$upfos = new ieb_upload('pic','source/plugin/sxooo_dzx/upload');
		if($upfos -> getExt() !="jpg" && $upfos -> getExt() !="gif" && $upfos -> getExt() !="png"){
			showmessage($tsxx[shangchuaner], '');
			exit();
		}
		$upfos -> upload ( $upfos -> newName());
		$piccc = $upfos -> UpFile();
		$zprows = mysql_num_rows(mysql_query("select * from ".DB::table('plusin_sxooo_vote_xsimg')." where xsid='".$gxsid."' and hdid=".$ghdid.""));
		if($zprows > 10){
			showmessage($tsxx[imgupder],SVOTEDIR);
			exit();
		}
		DB::query("update ".DB::table('plusin_sxooo_vote_xs')." set pic='1',src= '".$piccc."' where xsid='".$gxsid."' and hdid=".$ghdid."");
		if(DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_xsimg')." (`xsid`, `hdid`, `src`, `xsuid`) VALUES ( '".$gxsid."', '".$ghdid."', '".$piccc."','".$_G['uid']."')")){
			showmessage($tsxx[imgupok], SVOTEDIR);
			exit();
		}
		else{
			showmessage($tsxx[imguper], SVOTEDIR);
			exit();
		}
	}
}
if($action=="zzs" && $actions=="zj" && isset($_POST['zzsname']) && isset($_POST['zzsimg']) && isset($_POST['zzsurl']) && isset($_POST['zzsindex'])){
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if(DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_zzs')." (`zzsname`, `zzsimg`, `zzsurl`, `zzsindex`) VALUES ('".$pzzsname."','".$pzzsimg."','".$pzzsurl."','".$pzzsindex."')")){
		showmessage($tsxx[zzsok],'./plugin.php?id=sxooo_dzx&action=zzs');
		exit();
	}
	else{
		showmessage($tsxx[zzser],"javascript:history.back(-1)");
		exit();
	}
}
if($action=="zzs" && $actions=="sc" && isset($_GET['zzsid'])){
	if(!($_G['uid'] == $axguid or $_G['uid'] == $sms_uid)){
		showmessage($tsxx[xgqx], SVOTEDIR);
		exit();
	}
	DB::query("delete from ".DB::table('plusin_sxooo_vote_zzs')." where zzsid=".$gzzsid."");
	showmessage($tsxx[sczzsok],SVOTEDIR);
	exit();
}
if($action=="xzhd" && isset($_POST['hdname'])){
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if($phdname == ""){
		showmessage($tsxx[wthdmc],"javascript:history.back(-1)");
		exit();
	}
	if(DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_hd')." (`hdname`, `hdvoteos`, `hdbmos`, `hdtpcs`, `hdipcs`, `hdjianjie`, `hdsjjlos`,`hdjlzd`, `hdjlxx`, `hdjlsx`, `hdxsxg`, `hdindex`) VALUES ('".$phdname."','".$phdvoteos."','".$phdbmos."','".$phdtpcs."','".$phdipcs."','".$phdjianjie."','".$phdsjjlos."','".$phdjlzd."','".$phdjlxx."','".$phdjlsx."','".$phdxsxg."','".$phdindex."')")){
		showmessage($tsxx[zjhdok],'./plugin.php?id=sxooo_dzx&action=zjhd');
		exit();
	}
	else{
		showmessage($tsxx[zjhder],"javascript:history.back(-1)");
		exit();
	}
}
if($action=="xghd"){
	if(isset($_GET['hdid'])){
		$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
		if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
			showmessage($tsxx[cserr], SVOTEDIR);
			exit();
		}
	}
	else{
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx],SVOTEDIR);
		exit();
	}
	if(isset($_POST['hdname']) && isset($_POST['hdbmos']) && isset($_POST['hdtpcs']) && isset($_POST['hdipcs']) && isset($_POST['jifenjjos']) && isset($_POST['hdjlzd']) && isset($_POST['hdjlxx']) && isset($_POST['hdjlsx']) && isset($_POST['hdxsxg']) && isset($_POST['hdindex'])){
		$sql = "UPDATE ".DB::table('plusin_sxooo_vote_hd')." SET `hdname` = '".$phdname."',
				`hdvoteos` = '".$phdvoteos."',
				`hdbmos` = '".$phdbmos."',
				`hdtpcs` = '".$phdtpcs."',
				`hdipcs` = '".$phdipcs."',
				`hdjianjie` = '".$phdjianjie."',
				`hdsjjlos` = '".$pjifenjjos."',
				`hdjlzd` = '".$phdjlzd."',
				`hdjlxx` = '".$phdjlxx."',
				`hdjlsx` = '".$phdjlsx."',
				`hdxsxg` = '".$phdxsxg."',
				`hdindex` = '".$phdindex."' WHERE `hdid` = '".$ghdid."' LIMIT 1;" ;
		if(DB::query($sql)){
			showmessage($tsxx[gxhdok],SVOTEDIR);
			exit();
		}
		else{
			showmessage($tsxx[gxhder],SVOTEDIR);
			exit();
		}
	}
}
if($action=="xgxs"){
	if(isset($_GET['hdid']) && isset($_GET['xsid'])){
		$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
		if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
			showmessage($tsxx[cserr], SVOTEDIR);
			exit();
		}
		$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
		if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
			showmessage($tsxx[cserr], SVOTEDIR);
			exit();
		}
	}
	else{
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($hdxsxg == 0 && $_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[byxxg],SVOTEDIR);
		exit();
	}
	$xsmenu = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_menu').""));
	$xsinfo = mysql_fetch_row(DB::query("select * from ".DB::table('plusin_sxooo_vote_info')." where xsid = ".$gxsid." and hdid=".$ghdid.""));
	$row = mysql_fetch_row(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_xs')." where xsid=".$gxsid." and hdid = ".$ghdid.""));
	$sxsid = $row[0];
	$sxsname = $row[1];
	$sxsuid = $row[2];
	$sxsnicheng = $row[3];
	$spic = $row[4];
	$ssay = $row[5];
	$sinfo = $row[6];
	$sbmtime = $row[7];
	$sp = $row[8];
	$sr = $row[9];
	$ssh = $row[10];
	$shdid = $row[11];
	if($ssh==0){
		$sshzt=$tsxx[weishenhe];
	}
	else{
		$sshzt=$tsxx[yishenhe];;
	}
	if($actionss="yes" && isset($_POST['xsnicheng']) && isset($_POST['say']) && isset($_POST['info'])){
		$sql="update ".DB::table('plusin_sxooo_vote_info')." SET `foa` = '".$foa."',
					`fob` = '".$fob."',
					`foc` = '".$foc."',
					`fod` = '".$fod."',
					`foe` = '".$foe."',
					`fof` = '".$fof."',
					`fog` = '".$fog."',
					`foh` = '".$foh."',
					`foi` = '".$foi."',
					`foj` = '".$foj."',
					`fok` = '".$fok."',
					`fol` = '".$fol."',
					`pea` = '".$pea."',
					`peb` = '".$peb."',
					`pec` = '".$pec."',
					`ped` = '".$ped."',
					`pee` = '".$pee."',
					`pef` = '".$pef."',
					`peg` = '".$peg."',
					`peh` = '".$peh."',
					`pei` = '".$pei."',
					`pej` = '".$pej."',
					`pek` = '".$pek."',
					`pel` = '".$pel."' WHERE `hdid` = '".$ghdid."' and `xsid` = '".$gxsid."' LIMIT 1;" ;
		DB::query($sql);
		if($_G['uid'] == $axguid or $_G['uid'] == $sms_uid){
			$sql = "UPDATE ".DB::table('plusin_sxooo_vote_xs')." SET `xsname` = '".$pxsname."',
				`xsnicheng` = '".$pxsnicheng."',
				`say` = '".$psay."',
				`info` = '".$pinfo."',
				`hdid` = '".$phdid."',
				`p` = '".$pp."',
				`r` = '".$pr."',
				`sh` = '".$pshzt."' WHERE `hdid` = '".$ghdid."' and `xsid` = '".$gxsid."' LIMIT 1;" ;
			if (DB::query($sql)){
				showmessage($tsxx[gxxsok],SVOTEDIR);
				exit();
			}
			else{
				showmessage($tsxx[gxxser],SVOTEDIR);
				exit();
			}
		}
		else{

			$sql = "UPDATE ".DB::table('plusin_sxooo_vote_xs')." SET `xsname` = '".$pxsname."',
				`xsnicheng` = '".$pxsnicheng."',
				`say` = '".$psay."',
				`info` = '".$pinfo."',
				`hdid` = '".$phdid."' WHERE `hdid` = '".$ghdid."' and `xsid` = '".$gxsid."' LIMIT 1;" ;
			if (DB::query($sql)){
				showmessage($tsxx[gxxsok],SVOTEDIR);
				exit();
			}
			else{
				showmessage($tsxx[gxxser],SVOTEDIR);
				exit();
			}
		}
	}
}
if($action=="delpl" && isset($_GET["plid"]) && isset($_GET['hdid']) && isset($_GET['xsid'])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx], SVOTEDIR);
		exit();
	}
	DB::query("delete from ".DB::table('plusin_sxooo_vote_gbook')." where id=".$gplid."");
	showmessage($tsxx[delplok],"plugin.php?id=sxooo_dzx&xsid=$gxsid&hdid=$ghdid&action=show");
	exit();
}
if($action=="xsdel" && isset($_GET["xsid"]) && isset($_GET["hdid"])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx], SVOTEDIR);
		exit();
	}
	DB::query("delete from ".DB::table('plusin_sxooo_vote_xs')." where xsid=".$gxsid." and hdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_tp')." where tid=".$gxsid." and thdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_gbook')." where xsid=".$gxsid." and glid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_info')." where xsid=".$gxsid." and hdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_xsimg')." where xsid=".$gxsid." and hdid=".$ghdid."");
	showmessage($tsxx[delxsok],SVOTEDIR);
	exit();
}
if($action=="hddel" && $actions=="yes" && isset($_GET["hdid"])){
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[delhdqxer], SVOTEDIR);
		exit();
	}
	DB::query("delete from ".DB::table('plusin_sxooo_vote_hd')." where hdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_xs')." where hdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_tp')." where thdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_gbook')." where glid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_info')." where hdid=".$ghdid."");
	DB::query("delete from ".DB::table('plusin_sxooo_vote_xsimg')." where hdid=".$ghdid."");
	showmessage($tsxx[delhdqxok],SVOTEDIR);
	exit();
}
if($action=="deltp"){
	if($_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		showmessage($tsxx[xgqx], SVOTEDIR);
		exit();
	}
	if(DB::query("delete from ".DB::table('plusin_sxooo_vote_tp')."")){
		showmessage($tsxx[deltpok],SVOTEDIR);
		exit();
	}
	else{
		showmessage($tsxx[deltper],SVOTEDIR);
		exit();
	}
}
if($action=="vote" && isset($_GET["xsid"]) && isset($_GET["hdid"])){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($hdvoteos == 0){
		showmessage($tsxx[huodonggb], "javascript:history.back(-1)");
		exit();
	}
	if($svote_group == "1" && !$_G['uid']){
		showmessage('not_loggedin', NULL, array(), array('login' => 1));
		exit();
	}
	if($svote_yzos == 1){
		session_start();
		if($svote_yzos == 1 && $tpseccode != $_SESSION["seccodes"]){
			showmessage($tsxx[seccodeer], "javascript:history.back(-1)");
			exit();
		}
		session_destroy();
	}
	$total=mysql_num_rows(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_tp')." where ip='".$ip."'"));
	if($total>=$hdipcs){
		showmessage($tsxx[ipcsxzq].$hdipcs.$tsxx[ipcsxzh], "javascript:history.back(-1)");
		exit();
	}
	if(!$_G['uid'] && $_G['uid'] != $axguid && $_G['uid'] != $sms_uid){
		$total=mysql_result(DB::query("SELECT xsuid FROM ".DB::table('plusin_sxooo_vote_xs')." where xsid=".$gxsid.""),0,"xsuid");
		if ($total==$_G['uid']){
			showmessage($tsxx[touziji],"javascript:history.back(-1)");
			exit();
		}
		$total = mysql_num_rows(DB::query("SELECT * FROM ".DB::table('plusin_sxooo_vote_tp')." where uname='".$_G['member']['username']."'"));
		if ($total>=$hdtpcs){
			showmessage( $tsxx[tpcsxzq].$hdtpcs.$tsxx[tpcsxzh], "javascript:history.back(-1)");
			exit();
		}
	}
	if($svote_jg == 1){
		if($_G['uid']){
			$sqlzz ="SELECT * FROM ".DB::table('plusin_sxooo_vote_tp')." where thdid = ".$hdid." and tid=".$gxsid." and uname='".$_G['member']['username']."' order by id desc limit 1";
		}
		else{
			$sqlzz ="SELECT * FROM ".DB::table('plusin_sxooo_vote_tp')." where thdid = ".$hdid." and tid=".$gxsid." and ip='".$ip."' order by id desc limit 1";
		}
		$rowzz = mysql_fetch_row(DB::query($sqlzz));
		$ttptime= $rowzz[3];
		$xztime = date('Y-m-d H:i:s');
		$ccc = strtotime($xztime) - strtotime($ttptime);
		$mcc = (($ccc%(3600*24))%3600)/60;
		if($mcc<$svote_jgtime){
			showmessage($tsxx[tptaikuai],"javascript:history.back(-1)");
			exit();
		}
	}
	if(DB::query("update ".DB::table('plusin_sxooo_vote_xs')." set p=p+'1' where xsid=".$gxsid." and hdid=".$ghdid."")){
		if(!$_G['uid']){
			$tpnames=$tsxx[youkea];
		}
		else{
			$tpnames=$_G['member']['username'];
		}
		if(DB::query("insert into ".DB::table('plusin_sxooo_vote_tp')."(uname,tid,ip,thdid) values('".$tpnames."',".$gxsid.",'".$ip."',".$ghdid.")")){
			Function getRandNumber($fMin, $fMax) {
				srand((double)microtime()*1000000);
				$fLen = "%0".strlen($fMax)."d";
				Return sprintf($fLen, rand($fMin,$fMax));
			}
			if($hdsjjlos==1 && $_G['uid']){
				$tpjl=(int)getRandNumber($hdjlxx,$hdjlsx);
				DB::query("update ".DB::table('common_member_count')." set ".$hdjlzd."=".$hdjlzd."+".$tpjl." where uid=". $_G['uid']."");
				showmessage($tsxx[sjjlokq].(int)$tpjl.$tsxx[sjjlokh],"plugin.php?id=sxooo_dzx&xsid=$gxsid&hdid=$ghdid&action=show");
			}
			else{
				showmessage($tsxx[tpchenggong],"plugin.php?id=sxooo_dzx&xsid=$gxsid&hdid=$ghdid&action=show");
				exit();
			}
		}
		else{
			DB::query("update ".DB::table('plusin_sxooo_vote_xs')." set p=p-'1' where xsid=".$gxsid."");
			showmessage($tsxx[tpxtcuowu], "javascript:history.back(-1)");
			exit();
		}
	}
	else{
		showmessage($tsxx[tpgxcuowu], "javascript:history.back(-1)");
		exit();
	}
}
if($action=="show" && $actions=="pl" && isset($_POST['message']) && isset($_GET['xsid']) && isset($_GET['hdid']) ){
	$ckxsid = mysql_fetch_row(DB::query("select xsid from ".DB::table('plusin_sxooo_vote_xs')." order by xsid desc"));
	if(!$ckxsid || $gxsid <1 || $gxsid>$ckxsid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	$ckhdid = mysql_fetch_row(DB::query("select hdid from ".DB::table('plusin_sxooo_vote_hd')." order by hdid desc"));
	if(!$ckhdid || $ghdid <1 || $ghdid>$ckhdid[0]){
		showmessage($tsxx[cserr], SVOTEDIR);
		exit();
	}
	if($sgbook_group == "1" && !$_G['uid']){
		showmessage('not_loggedin', NULL, array(), array('login' => 1));
		exit();
	}
	session_start();
	if($sgbook_yzos == 1 && $plseccode != $_SESSION["seccodes"])
	{
		showmessage($tsxx[seccodeer], "javascript:history.back(-1)");
		exit();
	}
	session_destroy();
	if($sgbook_jg == 1){
		if($_G['uid']){
			$sql ="SELECT * FROM ".DB::table('plusin_sxooo_vote_gbook')." where xsid=".$gxsid." and glid = ".$ghdid." and guid=".$_G['uid']." order by id desc limit 1";
		}
		else{
			$sql ="SELECT * FROM ".DB::table('plusin_sxooo_vote_gbook')." where xsid=".$gxsid." and glid = ".$ghdid." and ip='".$ip."' order by id desc limit 1";
		}
		$row = mysql_fetch_row(DB::query($sql));
		$ggggtime= $row[5];
		$ngtime = date('Y-m-d H:i:s');
		$diff = strtotime($ngtime) - strtotime($ggggtime);
		$m = (($diff%(3600*24))%3600)/60;
		if($m<$sgbook_jgtime){
			showmessage($tsxx[pltaikuai],"javascript:history.back(-1)");
			exit();
		}
	}
	if(!$_G['uid']){
		$plnames=$tsxx[youkea];
	}
	else{
		$plnames=$_G['member']['username'];
	}
	if(DB::query("INSERT INTO ".DB::table('plusin_sxooo_vote_gbook')." (`gname`, `ginfo`, `glid`, `xsid`, `guid`,`ip`) VALUES ( '".$plnames."', '".$pmessage."', '".$hdid."', '".$sxsid."', '".$_G['uid']."', '".$ip."')")){
		showmessage($tsxx[pinglunok], "plugin.php?id=sxooo_dzx&xsid=$gxsid&hdid=$ghdid&action=show");
		exit();
	}
	else{
		showmessage($tsxx[pingluner],"javascript:history.back(-1)");
		exit();
	}
}
include template("sxooo_dzx:index");

?>